Receive alerts when this company posts new jobs.
Sr Security Engineer
at Landis+Gyr Inc
Landis+Gyr is looking for a Sr. Security Engineer. In this role, the Sr. Security Engineer responsibilities include:
- Under the Chief Information Security Officer, lead the effort to protect and defend the company cloud services (customer) environments, driving security solutions within the cloud security space and meeting with customers on security services.
- Drive the creation of run books and processes to ensure customer cloud service environment is secure
- Continuously improve and assist in the solutioning and documentation of security processes within the OT and IT environment.
- Work to develop SLA's surrounding security processes and Incident Response plans for the cloud service environment.
- Lead security project implementations within the cloud environment, including access management.
- Coordinate with security and IT teams to ensure maximum effectiveness in detections, remediations, and overall protection of the customer cloud environment.
- Drive security changes and best practices across the customer cloud services landscape.
- Work with IT leadership and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program to internal and customers.
- Partner with the SOC Manager to implement and manage the SIEM and Countermeasure processes and tools.
- Manage and escalate roadblocks that may jeopardize security operations, infrastructure, and SLA's.
- Serves as a technical lead on security topics within the cloud services environment.
- Leads the effort to develop, test, and deploy security services that are offered to customers.
- Summarize events/incidents effectively to different constituencies such as legal counsel, executive management, and technical staff, both in written and verbal forms.
- Managing the chain of custody for all evidence collected during incidents and security investigations.
- Broad information cybersecurity knowledge, including familiarity with common attack methodologies, tactics and protocols, Advance Persistent Threat groups, Hacker activities, etc.
- Significant experience in network intrusion detection, including experience using common network monitoring tools - IDS, IPS, SIEM, and Syslog
- Experience and knowledge with Identity Management tools
- Applied knowledge of common infrastructure architecture, including industry standard ports and protocols
- Experience and Knowledge with ServiceNow.
- Knowledge with LogRhythm
- Experience working within the Utility or Energy industry.
- Applied knowledge regarding incident response processes and procedures.
- Applied knowledge of common ports and protocols being leveraged for attack purposes.
- Experience with regulatory guidelines. (SSAE16, NIST, NERC, ISO)
- Advanced knowledge of threat and vulnerability landscape.
- Knowledge of application security testing (static, dynamic) and cloud security concepts.
- Excellent communication, writing, and interpersonal skills.
- Strong attention to detail along with sharp analytical skills to identify problems at the network, systems, and application layers.
- Ability to establish and maintain effective working relationships with customers, vendors, coworkers, employees, and upper management.
- 6+ years of experience with security concepts and practices
- 2-4 years’ experience supporting security tools and processes
- 2+ years’ experience supporting identity management solutions
- 4+ years’ experience working in or with Information Technology
- 4+ years’ experience within the Energy or critical infrastructure sector
- BA or equivalent knowledge / training
- CISSP or GIAC certification preferred
- Ability to work additional hours, which may include mornings, evenings and weekends if needed; ability to travel 10% of the time.
EOE AA M/F/Vet/Disability VEVRAA Federal Contractor